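def put(self):
    """Change the password of the user named by the current JWT identity.

    The request must carry ``old_password`` and ``new_password``. The old
    password has to verify against the stored hash, and the new password
    has to be at least 8 characters long, before the new hash is persisted.

    Returns:
        ``(SimpleMessage(PASSWORD_CHANGED), 201)`` on success.

    Aborts with 401 when the old password does not verify or the token's
    identity no longer resolves to a user, and with 400 when the new
    password is shorter than 8 characters.
    """
    password_parser = reqparse.RequestParser()
    password_parser.add_argument(
        'old_password', help='This field cannot be blank', required=True, type=str
    )
    password_parser.add_argument(
        'new_password', help='This field cannot be blank', required=True, type=str
    )
    data = password_parser.parse_args()

    user = UserModel.find_by_username(get_jwt_identity())

    # A token can outlive the account it was issued for. Treat a missing user
    # like a failed verification instead of dereferencing None (which would
    # surface as a server error).
    if user and UserModel.verify_hash(data['old_password'], user.password):
        if len(data['new_password']) < 8:
            abort(400, message=PASSWORD_TOO_SHORT)
        user.password = UserModel.generate_hash(data['new_password'])
        user.persist()
        # NOTE(review): tokens issued before the change are not revoked in
        # this handler; confirm whether revocation is handled elsewhere.
        return SimpleMessage(PASSWORD_CHANGED), 201

    abort(401, message=OLD_PASSWORD_INCORRECT)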
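def post(self):
    """Check a username/password pair and issue an access and refresh token.

    The request must carry ``username`` and ``password``.

    Returns:
        ``(AuthResponse(LOGIN_SUCCESS, user, access_token=..., refresh_token=...), 202)``
        when the password verifies against the stored hash.

    Aborts with 400 and WRONG_CREDENTIALS for any failed login. An unknown
    username and a wrong password deliberately get the same answer, so the
    response body cannot be used to learn which usernames exist.
    """
    parser = reqparse.RequestParser()
    parser.add_argument(
        'username', help='This field cannot be blank', required=True, type=str
    )
    parser.add_argument(
        'password', help='This field cannot be blank', required=True, type=str
    )
    data = parser.parse_args()

    current_user = UserModel.find_by_username(data['username'])

    # Tokens are only created inside the success branch, so every other path
    # falls through to the single generic rejection below.
    if current_user and UserModel.verify_hash(data['password'], current_user.password):
        access_token = create_access_token(identity=data['username'])
        refresh_token = create_refresh_token(identity=data['username'])
        return AuthResponse(
            LOGIN_SUCCESS,
            current_user,
            access_token=access_token,
            refresh_token=refresh_token,
        ), 202

    # NOTE(review): an unknown username skips the hash verification, so the
    # response time may still differ from a wrong-password attempt. No attempt
    # throttling is visible in this handler; confirm it is applied upstream.
    abort(400, message=WRONG_CREDENTIALS)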
def authenticate(email, password):
    """Return the user registered under *email* if *password* verifies.

    Looks the user up with ``UserModel.find_by_email`` and checks the
    supplied password against the stored hash. Returns ``None`` when no
    user is found or the password does not verify.
    """
    candidate = UserModel.find_by_email(email)
    if not candidate:
        return None
    if not UserModel.verify_hash(password, candidate.password):
        return None
    return candidate